- Documentation updates for persistent access token refresh
- Internal module reorganization
- #398 Add support to refresh persistent access tokens
- #326 Remove usage of date-fns production dependency
- #325 Setup volta instead of nvm to handle node versions
- #322 Update acorn version in package-lock file
- #292 #313 Require at least Node 12
- #292 Use private class fields for non-public API's
- #292 Access token
.token
property is now frozen - #318 New public API separating each grant type into it's own submodule
- #321 Rename resource owner credentials module to be accurate
- #292 Upgrade @hapi/hoek to v9 (requires Node 12)
- #292 Upgrade @hapi/joi to v17 (requires Node 12)
- #292 Upgrade @hapi/wreck to v17 (requires Node 12)
- #311 Upgrade nock dev library to v12
- #319 Add Node 14 to test matrix
- #314 Add client credentials token refresh disclaimer
- #317 Fix output documentation for boom errors
- #320 Add complete reference documentation
- #301 Refactor module schema to reuse constants across the codebase
- #302 Extract access token parsing functionality from token class
- #310 #312 Change how date-fns is imported do make it compatible with webpack
- #303 #304 Add more references to API documentation on library README
- #306 Add documentation for URL resolution on host/paths configurations
- #307 Replace travis CI with github actions
- #299 Add support to verify for token expiration with a custom expiration window
- #300 Add support to set the header credentials' encoding mode with
options.credentialsEncodingMode
.
- #298 Add support for custom scope separator by using
options.scopeSeparator
configuration
- #290 Valid token presence is verified on access token creation
- #290 Valid tokenType presence is verified on
.revoke
calls
- #289 Remove dev lodash library from tests
- #285 Update ava test runner to v3
- #287 Update chance-access-token dev library to v2
- #288 Update nyc instrumentation dev library to v15
- #297 Add tests for empty credentials support
- #291 Improve library documentation. Separate API reference from main documentation
- #277 Add support to parse access tokens's expire_at property as UNIX timestamps
- #273 Deprecate unsupported library versions
-
#260 Use @hapi/wreck v15. This version changes how a baseUrl is resolved against a path, affecting how
auth.tokenHost
,auth.tokenPath
,auth.authorizeHost
andauth.authorizePath
are resolved when using the.getToken
methods. See @hapi/wreck breaking changes to better understand potential issues that may arise. -
#260 Use new Node.js WHATWG URL api instead of the legacy url module. This change affects how
auth.authorizeHost
andauth.authorizePath
are resolved when using theauthorizationCode.authorizeURL
method. -
#256 Users can override the
grant_type
parameter when performing a token exchange throught the.getToken
method. Useful in cases where the auth server uses a value different from the standard. -
#256 Token exchange methods no longer mutate provided arguments
-
#255 Follow up to 20 redirects by default
-
#200 #256 Change default multiple scope encoding from using comma to spaces on all token exchange methods
-
#88 Change JSON response parsing mode from
smart
tostrict
. Since the OAuth2 specification indicates only JSON responses are valid, any non-JSON response throws an error instead of resolving into a Buffer. Usehttp.json = true
to restore the previous behavior.
-
#270 All token exchange methods now accept an optional argument to override non-essential http options or read parsing options.
-
#268 All token exchange methods can be called without arguments
-
#263 Use @hapi/joi v16. No breaking changes are expected.
- #262 Use files package option instead of .npmignore
- #267 Better document encoding of values for the token exchange process
- #249 Add dropbox usage example
- #254 Upgrade codebase to eslint v6 and airbnb-base-eslint configuration v14
- #253 Upgrade nock to v11
- #252 Use ava instead of mocha as test runner
- #252 Use ava built-in assertions library instead of chai
- #250 Upgrade date-fns library to v2
- #235 Upgrade Joi version to v15 (@hapi/joi)
- #244 Upgrade mocha test runner to v6
- #244 Upgrade nyc to v14
- #244 Upgrade development dependencies to latest version available
- #242 Upgrade debug dependency to v4
- Fix Joi schema missusage
- Fix access token expiration properties omission
- Ignore access token date properties when not available
- Add support to revoke accessToken and refreshToken in a single call with
revokeAll
- Replace internal request library to wreck
- Replace bluebird with native promise implementation
- Replace callback interface with async/await
- Improve integration tests coverage
- Add support to specify scopes as array in
getToken
method - Add support to empty strings and visual ASCII characters on
clientId
/clientSecret
options
- Update debug dependency
- Add support to encode the authorization headers
- Update dependencies
- Add Node 8 to test matrix
- Add support for custom idParamName in authCode.authorizeURL() method
- Upgrade dependencies, to avoid using outdated/vulnerable versions
- Add support to body encoding format in library requests
- Add missing documentation for module options
- Parse token payload response
expires_in
property as integer
- Fixed documentation for client option.
- Refactored test to use fixtures.
- Update code to comply with more linter rules.
- Fixed examples in README to return on error.
- Added a working example example.
- Clone params and configuration passed
- Changed public api to, to make it consistent. Changed shortcut names to full names.
- Changed public api to allow different sites for /authorize and /tokens
- Added strict schema validation to module options.
- Does not override expires_at property if passed into accessToken.create.
- Upgraded code to strict mode.
- Upgraded all the code base to es6.
- Updated linter settings to meet the new es6 code requirements.
- Fixed shared value for access token, causing tokens to be overriding.
- Replaced internal logger by the debug module logger.
- Fixed some project metadata.
- Added optional sending support to the body auth params.
- Updated license information.
- Updated main dependencies version.
- Fixed leaked token when a refresh token was used.
- Fixed error class prototype inheritance. Now inherits correctly from Error.
- Now all error states returned from the server, are rejected as HTTPError instances. (This allow to know what httpStatusCode was returned)
- Updated project dependencies.
- Added support for passing arguments to the refresh token action.
- Added project badges.
- Code general cleanup and applied code styleguide.
- Created CONTRIBUTING guides! (Separated from README)
- Fixed bug, which resolved promises even if the token wasn´t retrieved. #64
- Better documentation!
- Added support for promise based API
- Adds revocation token method
- Not using headers if access_token is defined as a part of the URL.
- Changes from Pascal Case to Camel Case in the API.
- Adds Bearer Header for requests.
- Now compatible with Github
- Updated name convention on using simple oauth2 configuration block.
- Token expiration is now dinamically defined through the expires_in field returned with the access token from the OAuth2 server
- Fixed missing Basic Auth that somehow is not created from the request library
- Fixed bug on AccessToken#expired() as it had the inverse logic
- AccessToken#refresh() now returns an AccessToken object
- Updated documentation
- Added Password credentials flow
- First version Node client for OAuth2